
SoylentNews is people

posted by Fnord666 on Monday May 23 2022, @04:01AM
from the is-it-off-off dept.

https://arstechnica.com/information-technology/2022/05/researchers-devise-iphone-malware-that-runs-even-when-device-is-turned-off/

When you turn off an iPhone, it doesn't fully power down. Chips inside the device continue to run in a low-power mode that makes it possible to locate lost or stolen devices using the Find My feature or use credit cards and car keys after the battery dies. Now researchers have devised a way to abuse this always-on mechanism to run malware that remains active even when an iPhone appears to be powered down.

It turns out that the iPhone's Bluetooth chip—which is key to making features like Find My work—has no mechanism for digitally signing or even encrypting the firmware it runs. Academics at Germany's Technical University of Darmstadt figured out how to exploit this lack of hardening to run malicious firmware that allows the attacker to track the phone's location or run new features when the device is turned off.

This video provides a high overview of some of the ways an attack can work.
[...]
"The current LPM implementation on Apple iPhones is opaque and adds new threats," the researchers wrote in a paper published last week.


  • (Score: 3, Funny) by ikanreed on Monday May 23 2022, @04:29AM (2 children)

    by ikanreed (3164) Subscriber Badge on Monday May 23 2022, @04:29AM (#1247145) Journal

    It's called iOS

    • (Score: 5, Touché) by Rosco P. Coltrane on Monday May 23 2022, @06:26AM

      by Rosco P. Coltrane (4757) on Monday May 23 2022, @06:26AM (#1247156)

      iOS is no better or worse than Android - or any proprietary desktop OS for that matter.

      OSes have basically become trojan horses into people's private data. They are adversarial in nature, implement as many surveillance features, and lie to the user about the true meaning of their privacy settings as the software vendors can legally get away with.

      If you want a safe cellphone, disconnect the battery (almost impossible these days, surprise surprise...) to turn it off, or stick it in a metal box, to truly declaw it.

    • (Score: 0) by Anonymous Coward on Monday May 23 2022, @01:37PM

      by Anonymous Coward on Monday May 23 2022, @01:37PM (#1247206)

      It's called Windows

      The real question is how they got such bloated spyware to even load on an iPhone? Did Apple invent subspace containers?

  • (Score: 4, Insightful) by Adam on Monday May 23 2022, @04:44AM (2 children)

    by Adam (2168) on Monday May 23 2022, @04:44AM (#1247146)

    Seems like just a few weeks ago we were discussing how the internet giants were/are going to use bluetooth thing to replace passwords. This doesn't instill confidence in that initiative, nor does it surprise.

    • (Score: 5, Interesting) by Rosco P. Coltrane on Monday May 23 2022, @06:41AM

      by Rosco P. Coltrane (4757) on Monday May 23 2022, @06:41AM (#1247158)

      This doesn't instill confidence

      I haven't had any confidence in any tech company since they discovered they can make off like bandits stealing and selling my private data, and since I myself became aware that I had become a cow to be milked instead of a paying customer that deserves respect.

      That epiphany occurred to me in 1999 when early Big Data sonofabitch Scott McNealy openly stated that you have zero privacy, get over it [beaconseniornews.com]. He got careless: a few observant people like myself got an early warning that tech companies had switched to exploiting the users rather than selling them genuine products, and that the future of tech as a force for the good of humanity that we had all been waiting for since the 70s was not going to happen. Nowadays though, Big Tech is much more careful about being brutally honest.

    • (Score: 5, Interesting) by acid andy on Monday May 23 2022, @12:27PM

      by acid andy (1683) on Monday May 23 2022, @12:27PM (#1247191) Homepage Journal

      I'm still horrified that they massively expanded the range of Bluetooth which greatly increases the chances of exposure to an attack.

      --
      If a cat has kittens, does a rat have rittens, a bat bittens and a mat mittens?
  • (Score: 3, Touché) by acid andy on Monday May 23 2022, @12:25PM (5 children)

    by acid andy (1683) on Monday May 23 2022, @12:25PM (#1247190) Homepage Journal

    Yeah, just take the battery out. What's that, you can't? Then don't buy an Aye-Fone(y).

    --
    If a cat has kittens, does a rat have rittens, a bat bittens and a mat mittens?
    • (Score: 1) by shrewdsheep on Monday May 23 2022, @01:36PM (1 child)

      by shrewdsheep (5215) on Monday May 23 2022, @01:36PM (#1247204)

      Agreed. Unfortunately, Android plays copy-cat so it's only a question of time until 99% of mobile will be infested. Maybe the latest Android stuff does the same already?

    • (Score: 2, Funny) by Anonymous Coward on Monday May 23 2022, @01:42PM (2 children)

      by Anonymous Coward on Monday May 23 2022, @01:42PM (#1247207)

      Now now calm down you can take the battery out. You just need pliers, box cutter, stanley knife, micro custom screwdriver, magnifying glass, clamp, decent workbench or similar space, hot glue kit, soldering iron, up to an hour, and a willingness to not just void your warranty but to convert your pretty thousand pound pride and glory into a brick.

      • (Score: 3, Interesting) by liar on Monday May 23 2022, @03:00PM (1 child)

        by liar (17039) on Monday May 23 2022, @03:00PM (#1247222)

        Or put your phone in an old hard drive antistatic bag (very much like a Faraday pouch)...

        --
        Noli nothis permittere te terere.
        • (Score: 0) by Anonymous Coward on Tuesday May 24 2022, @04:04PM

          by Anonymous Coward on Tuesday May 24 2022, @04:04PM (#1247481)

          Galaxy XCover Pro!

  • (Score: 3, Informative) by maxwell demon on Monday May 23 2022, @02:26PM

    by maxwell demon (1608) on Monday May 23 2022, @02:26PM (#1247215) Journal

    If the device is turned off, nothing can run, by definition. But devices that can actually be switched off are rare these days.

    --
    The Tao of math: The numbers you can count are not the real numbers.